Authentication for admitting parties into a network

ABSTRACT

A system and device for authenticating and admitting parties located at remote sites ( 115 ) to a secure communication network ( 100 ), wherein each remote site includes a device operable to execute code for determining a first authenticating value received from a second site ( 110 ), which is blinded with a value associated with the remote site ( 115 ), encrypting and transmitting the determined value and decrypting a second authenticating value and validating the transmitting site ( 110 ) when the unblinded first authenticating value is equivalent to the second authenticating value. Furthermore, the transmitting site ( 110 ) includes a devices operable to execute code for generating and transmitting a first authenticating value blinded by a value associated with a remote site ( 115 ), decrypting a value and validating the remote site when the authenticating value is equivalent to the decrypted received value.

FIELD OF THE INVENTION

This application is related to the field of secure networks and morespecifically to apparatus for authenticating and admitting parties to asecure network configuration.

BACKGROUND OF THE INVENTION

Since the introduction of the public network, such as the Internet, manybusinesses have changed their mode of operation considerably.Manufacturers and retailers, through the use of interactive dialoguepages, allow their consumers to buy products directly, using aconventional credit card. In this case, security of the credit cardinformation is important to prevent theft of the credit card informationand fraud. Conventionally, credit card information is transmitted over asecure socket layer (SSL) that encrypts the information using well-knownencryption algorithms, such as RSA and digital certificates. As oneskilled in the art would recognize, RSA refers to an encryptionalgorithm developed by Rivest, Shamir, and Adleman that generates publickey and private key information based on the mathematics of large primenumbers. In operation, each party generates a public/private keycombination pair and makes the public key available to all otherparties. A first party may then encrypt information items using anotherparty's public key and another party may decrypt the information itemusing the corresponding private key. Similarly, a party may digitallysign a document by encrypting information items using their private keyand only another party having access to the corresponding public key isable decrypt the encrypted information. Thus, using public/privateencryption algorithms, information items can be securely transmittedover networks while providing a level of assurance that the parties areauthorized to transmit or receive the information items.

Video conferencing is an example wherein secure communications among theparties is particularly important. In this case, each party may“sign-on” to the video conference using either a provided public key orby using their private key. The conference may then proceed as eachparty is able to participate in the conference. However, encryptioncodes may be compromised, cracked or hacked and the authentication ofthe parties network may be suspect and the information transmitted overthe network could become available to parties that are not authorized toreceive such information. The release of this information may causesignificant social and/or economic damage.

Accordingly, there is a need for a system and devices that ensures theauthentication of the parties and further allows the admission of theauthenticated parties to the secure network.

SUMMARY OF THE INVENTION

A system and device for authenticating and admitting parties located atremote sites to a secure communication network, wherein each remote siteincludes a device operable to execute code for determining a firstauthenticating value received from a second site, which is blinded witha value associated with the remote site, encrypting and transmitting thedetermined value and decrypting a second authenticating value andvalidating the transmitting site when the unblinded first authenticatingvalue is equivalent to the second authenticating value. Furthermore, thetransmitting site includes a devices operable to execute code forgenerating and transmitting a first authenticating value blinded by avalue associated with a remote site, decrypting a value and validatingthe remote site when the authenticating value is equivalent to thedecrypted received value.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a block diagram of a system utilizing the principlesof the invention for authenticating parties to a transaction;

FIG. 2 illustrates a flow chart of a first process for authenticatingparties in accordance with the principles of the invention;

FIG. 3 illustrates a flow chart of a second process for authenticatingparties to a transaction in accordance with the principles of theinvention;

FIG. 4 illustrates a flow chart of a process for admitting parties to atransaction in accordance with the principles of the invention;

FIG. 5 illustrates a flow chart of a second process for admittingparties to a transaction in accordance with the principles of theinvention;

FIG. 6 illustrates the interactive communication between server and sitefor authenticating and establishing a link between parties in accordancewith the principles of the invention; and

FIG. 7 illustrates a device for executing the processing shown in FIGS.2 through 6.

It is to be understood that these drawings are solely for purposes ofillustrating the concepts of the invention and are not intended as adefinition of the limits of the invention. The embodiments shown inFIGS. 1-7 and described in the accompanying detailed description are tobe used as illustrative embodiments and should not be construed as theonly manner of practicing the invention. Also, the same referencenumerals, possibly supplemented with reference characters whereappropriate, have been used to identify similar elements.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 illustrates a block diagram of a system 100 for requiring asecure communication link among a plurality of available remote sitesover a network in accordance with the principles of the invention. Inthis illustrated diagram, server 110 is in communication, via network150, to remote sites 115, 120, 125, 130 and 135. Protocols, e.g.,TCP/IP, that provide for two-way communications over network 150 arewell-known in the art and need not be discussed in detail herein.

Server 110 further includes information, such as a value, code or label,that uniquely identifies each remote site. That is, each remote site isregistered with server 110. For example, site 115 may be identified,associated or registered with a unique value, code or label, which inthis case is depicted as “Identification No. 1.” Further, site 120 maybe identified, associated or registered with a value, code or labelunique to site 120. In this case, site 120 is depicted as being uniquelyidentified by the label “Identification No. 2.” Similarly, site 135 maybe identified, associated or registered with a unique value, code orlabel, which is depicted as “Identification No. 5.” Similaridentifications are made for remote sites 125 and 130.

In one aspect of the invention, each associated identification value,code or label may be an arbitrarily selected value or combination ofalpha-numeric values. In another aspect of the invention, eachassociated identification value, code or label may be selected toinclude known properties, e.g., a prime number of a known order or size.

Server 110 may generate and maintain each unique value associated witheach remote site and provide this information to the associated remotesite. In another aspect, server 110 may be provided each unique value bythe corresponding remote site. In either aspect of the invention,knowledge of the unique remote site code is retained by server 110 andthe associated remote site only. In addition, server 110 includes apublic key/private key encryption algorithm, e.g., RSA. In one aspect, acommon server public key may be distributed to each of the remote sites.In another aspect of the invention, server 110 may generate andassociate a public key/private key for each remote site. In this aspect,the remote site is provided an individualized server public key. Thepublic keys may be distributed to each of the remote sites on a periodictime basis, a random time basis, dynamically or upon request when aremote site registers with server 110 or when a conference among sitesis scheduled. Preferably, public key(s) are provided when a request fora connection is received.

FIG. 2 illustrates a flow chart of an exemplary process 200 maintainedon server 110 for authenticating parties to a secure transaction orcommunication in accordance with the principles of the invention. Forthe sake of clarity, the novel aspects of the invention are nowdescribed with regard to a conference invitor and a conference invitee.In this exemplary process 200, server 110, responsive to a request toestablish a secure communication between invitor, e.g., remote site 120from FIG. 1, and invitee, e.g., remote site 130, generates a randomnumber for each party at block 205. At block 210, the generated randomnumbers are encrypted, warped or blinded using the unique identificationvalue associated with the sites at block 210. In a preferred embodimentof the invention, the generated random numbers are blinded using thefollowing relation:R_exp1XOR ID_(a); andR_exp2XOR ID_(b)  [1]

-   -   where R_exp1 and R_exp2 are the two generated random numbers;        -   ID_(a) is the unique value associated with a first site;        -   ID_(b) is the unique value associated with a second site;            and            -   XOR is a conventional Boolean Logical function.

At block 215, the two blinded values are then encrypted using theprivate key associated with server 110. That is, server 110 encrypt, orscramble, the blinded values. As would be understood by those skilled inthe art, the process of encrypting a value obscures or scrambles thevalue in a manner that render the value unintelligible, unclear or innear of translation by those not in possession of a comparabledecrypting process. At block 220, the encrypted blinded values aretransmitted over network 150, shown in FIG. 1. At block 225, server 110waits for a response from the remote sites. When a response is detected,the received message is decrypted using the private key of server 110 atblock 230.

At block 235, a determination is made whether the decrypted receivedvalue is equal to the random value transmitted at block 220. If theanswer is negative, then a response was received from a non-authorizedsite. Processing then exits, as the remote site cannot be authenticated.

However, if the answer is in the affirmative, then the identity of theremote site is confirmed, as only the specified remote site is able toreturn the generated and provided random number, i.e., R_exp1 or R_exp2.At block 240, the random number associated with the site is thenencrypted using the private key of server 110 and transmitted over thenetwork at block 245. At block 250, server 110 awaits a response to thetransmitted encrypted message.

When a response is received, a list of encryption algorithms availableto each party is obtained at block 260. At block 265, server 110acknowledges that a secure connection between the parties is establishedand an encryption algorithm is selected. Preferably, the encryptionalgorithm is present is present in at each party site. In anotheraspect, each party may provide a list of available encryptionalgorithms, from which server 110 may select comparable algorithms. Inanother aspect, server 110 may provide each party with a suitableencryption algorithm.

FIG. 3 illustrates a flow chart of a process 300 operable on a remotesite for authenticating the parties and establishing a securecommunication link between the parties. In this exemplary process, aremote site, e.g., site 130, receives an initial transmission fromserver 110 at block 310. At block 315, the message is decrypted usingthe public key of server 110. At block 320, the decrypted message isthen unblinded using the unique identification code associated with eachremote site. In the preferred embodiment of the invention, shown inequation [1], the information may be unblinded using the principle:{[a XOR b] XOR b}=a  [2]

-   -   where a is representative of the generated random number; and        -   b is representative of the remote site identification value.

As would be recognized by those skilled in the art, only the remote sitehaving knowledge of the associated identification value, code or labelis able to correctly determine the generated random number.

At block 325, the unblinded random number is then encrypted using thepublic key of server 110 and transmitted over the network at block 330.At block 335, the remote site awaits a response from server 110.

When a response is received, the information is decrypted using thepublic key of server 110. At block 345, a determination is made whetherthe decrypted value from block 340 is the same as the decrypted,unblended value obtained at block 320. If the answer is negative, thenprocessing ends, as there is a failure in the authorizations process.

However, if the answer is in the affirmative, then a list of encryptionalgorithms available to the remote site are provided to server 110 atblock 350 and an acknowledgment that the authentication process iscompleted is provided at block 355.

FIG. 4 illustrates a flow chart of an exemplary process 400 foradmitting authenticated parties to a secure network configuration. Inthis illustrated process, at block 410, server 110 receives randomnumbers generated from each remote site capable of being authenticated,i.e., successfully complete the processing shown in FIGS. 2 and 3. Therandom numbers are arbitrarily generated. Preferably, there is nocorrelation between the random numbers generated. Although not shown, itwould be appreciated that the random numbers may be received in anencrypted or scrambled form using a public key and may requiredecryption using a local key prior to subsequent usage.

At block 415, server 110 blinds the received random numbers using eachof the unique remote site identification numbers. In one aspect of theinvention, the random numbers are blinded using the logical functionshown as:R_site1XOR ID₂; andR_site2XOR ID₁  [3]

-   -   where R_site1 is the random numbers generated by a first site;        -   R_site2 is the random numbers generated by a second site;        -   ID_(a) is the unique value associated with a first site;        -   ID_(b) is the unique value associated with a second site;            and        -   XOR is a conventional Boolean Logical function.

At block 420, the blinded values are then transmitted to the respectiveremote sites such that each remote site receives the blinded randomnumber of another remote site.

In another, and preferred, aspect of the invention, the random numbersare blinded using the logical function shown as:R_site1XOR R_site2  [4]

FIG. 5 illustrates a flow chart of an exemplary process 500 performed ateach remote site for admitting authenticated parties to a secure networkconfiguration. In this exemplary process, a random number is generatedat block 510. At block 515, the generated random number is encryptedusing server 110 public key and transmitted over the network at block520. At block 525, the remote site waits for a response from server 110.

When a response is received, the received value is unblinded. In theaspect of the invention represented by equation 3, a process similar tothat shown in equation 2 may be used to unblind the values. In theaspect of the invention represented by equation 4, the values may beunblinded in accordance with:{[a XOR b] XOR b}  [5]

-   -   where a is representative of a random value of one site; and        -   b is representative of a random value of another site

Accordingly, each remote site possesses the random number generated byanother remote site. At block 535, an encryption key is formulated usingthe random numbers generated by each site conforming to the selectedencryption algorithm. Although not shown, it would be recognized bythose skilled in the art, the blinded value received may further beencrypted using a private key. Hence, the received values are decryptedusing a provided corresponding public key. As would be furtherunderstood, the order of processing blinding and encryption informationmay be interchanged without affecting the scope of the invention.

FIG. 6 depicts a chronological sequence 600 of the transfer ofinformation between a party requesting a conference, referred to asclient 1, 610, and server 615 and an invitee to the conference, referredto as client 2, 620. In this illustrated sequence, client 1, 610, sendsa request, 630, for a conference with invitee 620 to server 615. Server610 transmits to client 1, 610 and client 2, 620, encrypts blindedrandom values, R_exp1; i.e., E_(kr)(R_exp1 XOR ID1) and R_exp2, i.e.,E_(kr)(R_exp2 XOR ID2), respectively.

Client 1, 610 and client 2, 620 transmit to server 615 encrypted valuesrepresentative of R_exp1, i.e., E_(ku)(R_exp1), and R_exp2, i.e.,E_(ku)(R_exp2), respectively. Server 620 then transmits to client 1, 610and client 2, 620, digitally signed, encrypted random values R_exp1 andR_exp2, i.e., E_(kr)(R_exp1 ) and E_(kr)(R_exp2), respectively.

Client 1, 610 and client 2, 620, after successfully decrypting thetransmitted values, then transmit and acknowledge a list of encryptionalgorithms, i.e., cipher suite, to server 615. Server 615 then providesan indication that a connection between the parties has been establishedand selects a cipher to secure the communications between the parties.

Client 1, 610 and client 2, 620 in one aspect of the invention may thengenerate random values, Rand1 and Rand2, respectively, and transmitencrypted versions of Rand1 and Rand 2 to server 615. Server 615 thentransmits digitally signed blinded value, E_(kr)(Rand1 XOR Rand2) toboth client 1, 610 and client 2, 620. Client 1, 610 and client 2, 620may then use a known combination of Rand1 and Rand2 to form a sessionkey suitable for the selected cipher.

FIG. 7 illustrates a system 700 for implementing the principles of theinvention as depicted in the exemplary processing shown in FIGS. 1 and2. In this exemplary system embodiment 700, input data is received fromsources 705 over network 750 and is processed in accordance with one ormore software programs executed by processing system 710. Processor 710may be representative of a handheld calculator, special purpose orgeneral purpose processing system, desktop computer, laptop computer,palm computer, or personal digital assistant (PDA) device, etc., as wellas portions or combinations of these and other devices that can performthe operations illustrated in FIGS. 1-6. The results of processingsystem 710 may then be transmitted over network 770 for viewing ondisplay 780, reporting device 790 and/or a second processing system 795.

Specifically, processing system 710 includes one or more input/outputdevices 740 that receive data from the illustrated source devices 705over network 750. The received data may then be applied to processor720, which is in communication with input/output device 740 and memory730. Processor 720 may be a central processing unit (CPU) or dedicatedhardware/software, such as a PAL, ASIC, FGPA, operable to executecomputer instruction code or a combination of code and logicaloperations. Input/output devices 740, processor 720 and memory 730 maycommunicate over a communication medium 725. Communication medium 725may represent a communication network, e.g., ISA, PCI, PCMCIA bus, oneor more internal connections of a circuit, circuit card or other device,as well as portions and combinations of these and other communicationmedia.

In one embodiment, processor 720 may include code which, when executed,performs the operations illustrated herein. The code may be contained inmemory 730, read or downloaded from a memory medium such as a CD-ROM orfloppy disk represented as 783, or provided by manual input device 785,such as a keyboard or a keypad entry, or read from a magnetic or opticalmedium (not shown) which is accessible by processor 720, when needed.Information items provided by input device 783, 785 and/or magneticmedium may be accessible to processor 720 through input/output device740, as shown. Further, the data received by input/output device 740 maybe immediately accessible by processor 720 or may be stored in memory730. Processor 720 may further provide the results of the processingshown herein to display 780, recording device 790 or a second processingunit 795 through I/O device 740.

As one skilled in the art would recognize, the terms processor,processing system, computer or computer system may represent one or moreprocessing units in communication with one or more memory units andother devices, e.g., peripherals, connected electronically to andcommunicating with the at least one processing unit. Furthermore, thedevices illustrated may be electronically connected to the one or moreprocessing units via internal busses, e.g., serial, parallel, ISA bus,microchannel bus, PCI bus, PCMCIA bus, USB, wireless, infrared, radiofrequency, etc., or one or more internal connections of a circuit,circuit card or other device, as well as portions and combinations ofthese and other communication media, or an external network, e.g., theInternet and Intranet. In other embodiments, hardware circuitry may beused in place of, or in combination with, software instructions toimplement the invention. For example, the elements illustrated hereinmay also be implemented as discrete hardware elements or may beintegrated into a single unit.

As would be understood, the operations illustrated in FIGS. 2-5 may beperformed sequentially or in parallel using one or several differentprocessors to determine specific values. Processor system 710 may alsobe in two-way communication with each of the sources 705. Processorsystem 710 may further receive or transmit data over one or more networkconnections from a server or servers over, e.g., a global computercommunications network such as the Internet, Intranet, a wide areanetwork (WAN), a metropolitan area network (MAN), a local area network(LAN), a terrestrial broadcast system, a cable network, a satellitenetwork, a wireless network, or a telephone network (POTS), as well asportions or combinations of these and other types of networks. As willbe appreciated, networks 750 and 770 may also be internal networks orone or more internal connections of a circuit, circuit card or otherdevice, as well as portions and combinations of these and othercommunication media or an external network, e.g., the Internet andIntranet.

In a preferred embodiment of the invention, the selected encryptionalgorithm may be selected from the group consisting of stream cipherencryption or fast block cipher encryption algorithms. As would berecognized in the art, the specific algorithm selected may be determinedbased on the overall performance of the application and the networkconfiguration. Furthermore, the size of a random value generated or thekeys used in the encryption algorithm may be dependent upon theestimated length of the session. In another aspect of the invention, theduration of the encryption key may be selected dependent upon a maximumnumber of packets that may be transmitted. For example, the duration ofthe encryption key may be set for 10000 packets for a 1-hour session or20000 packets for a 2-hour session. Thus, after a fixed amount of timeor the transmission of a fixed number of packets the encryption key maybe terminated and a new key established.

While there has been shown, described, and pointed out fundamental novelfeatures of the present invention as applied to preferred embodimentsthereof, it will be understood that various omissions and substitutionsand changes in the apparatus described, in the form and details of thedevices disclosed, and in their operation, may be made by those skilledin the art without departing from the spirit of the present invention.For example, although the present invention has been disclosed withregard to video conferencing, it would be recognized by those skilled inthe art that the present invention may be used with audio and/ormultimedia conferencing or exchange of data between parties. Althoughthe present invention has been described with regard to a single set ofkeys, it is contemplated, and considered within the scope of theinvention, that multiple sets of keys may be determined. For example, ina multimedia exchange one set on keys may be used for audio transmissionand a second set of keys may be generated for video transmission.Furthermore, it would be recognized by those skilled in the art that theblinding operation may be performed by functions and/or operationssimilar to the XOR operation discussed.

It is expressly intended that all combinations of those elements thatperform substantially the same function in substantially the same way toachieve the same results are within the scope of the invention.Substitutions of elements from one described embodiment to another arealso fully intended and contemplated.

1. A system for authenticating and admitting parties located at remotesites to a secure communication network, wherein each remote siteincludes a device in communication with said network comprising: aprocessor in communication with a memory, operable to execute code for:determining a first authenticating value received over said network froma second one of said remote sites, wherein said first value is blindedby a value associated with said remote site; encrypting said determinedfirst authenticating value using an encryption key associated with saidsecond one of said remote sites; transmitting said encrypted firstauthenticating value over said network; decrypting a secondauthenticating value received from said network, wherein said secondvalue is decrypted using said encryption key; and validating said secondone of said remote sites when said first authenticating value isequivalent to said second authenticating value.
 2. The system as recitedin claim 1, wherein said processor is further operable to execute codefor: transmitting at least one indication associated with at least oneencryption algorithm over said network.
 3. The system as recited inclaim 1, wherein said first authenticated value is encrypted.
 4. Thesystem as recited in claim 3, wherein said processor is further operableto execute code for: decrypting said encrypted first authenticated valueusing said encryption key.
 5. The system as recited in claim 1, whereinsaid processor is further operable to execute code for: transmitting anencrypted admitting value over said network, wherein said admittingvalue is local to said remote site; unblinding a second received valueover said network; and formulating a session encryption key using saidadmitting value and said unblinded second received value.
 6. The systemas recited in claim 5 wherein said second received value is encrypted.7. The system as recited in claim 6, wherein said processor is furtheroperable to execute code for: decrypting said second received value. 8.The system as recited in claim 5, wherein said admitting value is arandom value.
 9. The system as recited in claim 1, wherein saidencryption key is provided by said second one of said remote sites. 10.The system as recited in claim 9, wherein said encryption key is apublic key associated with a public key/private key encryptionalgorithm.
 11. The system as recited in claim 1, wherein said devicefurther comprises: an input/output unit operable to providecommunication between said processor and said network.
 12. The system asrecited in claim 1, wherein code is stored in said memory.
 13. Thesystem as recited in claim 1, wherein said second one of said remotesites is not party to said secure communications.
 14. The system asrecited in claim 1, wherein said processor is operable to execute codefor: performing a logical operation to determine said a firstauthenticating value
 15. A system for authenticating and admittingparties located at remote sites to a secure communication network,wherein a dedicated site not party to said secure communication networkincludes a device in communication with said network comprising: aprocessor in communication with a memory, operable to execute code for:transmitting an authenticating value blinded by a value associated witheach of said remote sites over said network; decrypting a value receivedover said network using an encryption key local to said dedicated site;validating said remote site when said authenticating value is equivalentto said decrypted received value.
 16. The system as recited in claim 15,wherein said processor is further operable to execute code for:encrypting said blinded value using an encryption key local to saiddedicated site.
 17. The system as recited in claim 15, wherein saidprocessor is further operable to execute code for: transmitting saidauthenticating value scrambled using an encryption key local to saiddedicated site.
 18. The system as recited in claim 15, wherein saidprocessor is further operable to execute code for: receiving anadmitting value from an associated remote site; and transmitting ablinded value associated with said received admitting values.
 19. Thesystem as recited claim 18, wherein said admitting value is encryptedusing an encryption key available to said remote site.
 20. The system asrecited in claim 19, wherein said processor is further operable toexecute code for: decrypting said encrypted admitting value.
 21. Thesystem as recited in claim 18, wherein said blinded value is based onadmitting values received from corresponding remote sites.
 22. Thesystem as recited in claim 18, wherein said blinded value is based onsaid admitting value and a remote site identification value.
 23. Thesystem as recited in claim 15, further comprising: an input/output unitin communication with said processor and said network.
 24. The system asrecited in claim 15, wherein said code is stored in said memory.